The program WINALLL is used for hidden penetration into PC and its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with WINALLL.
Download for free: http://www.unhackme.com
Malware Analysis of WINALLL
Full path on a computer: %Common Startmenu%\MSDCSC\winalll
Detected by UnHackMe:
WINALLL
Default location: %Common Startmenu%\MSDCSC\winalll
Removal Results: Success
Number of reboot: 1
WINALLL is known as:
Backdoor.Graybird, DarkComet.F, WIN.Trojan.DarkKomet, Backdoor.DarkKomet.xyk, Trojan.DarkKomet.clwukn, Backdoor.Agent.674304.A, Backdoor.Agent.XAB, BackDoor.Comet.152, Backdoor.Fynloski.A (v), BDS.DarkKomet.GR, Troj.Backdr-ID, Hack.HuigeziT.cz, Backdoor.Fynloski.A, Backdoor.Fynloski, Backdoor.DarkKomet, Backdoor.DarkKomet.AQKi, Win32.Fynloski.AA, Backdoor.Pontoeb.4DF0, Trojan.CDur, W32.DarkKomet.ID.tr.bdr, BackDoor.Delf.DMT, Trj.Packed.B
WINALLL hash:
- MD5: 1fe22ffa6f1acd52a8b55b32824d945c
How to quickly detect WINALLL presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\winalll: “%Common Startmenu%\MSDCSC\winalll”
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: “%SysDir%\userinit.exe,%Common Startmenu%\MSDCSC\winalll”
Folders:- %Common Startmenu%\MSDCSC
Files:- %Common Startmenu%\MSDCSC\winalll